Automatically locking out accounts after several unsuccessful logon attempts is a common practice, since failed logon attempts can be a sign of an intruder or malware trying to get into your IT system. Before unlocking an account, it’s wise to find out why incorrect passwords were repeatedly provided; otherwise, you increase the risk of unauthorized access to your sensitive data. Therefore, it’s important to continuously monitor which accounts get unlocked and by whom, so you can spot any that were unlocked without proper approval and respond quickly to protect your systems and data.

Netwrix Auditor for Active Directory delivers complete visibility into what’s going on in your Active Directory, with more than 200 easy-to-read predefined audit reports with filtering, grouping and sorting capabilities, as well as a subscription option that automatically delivers reports via email or saves them to a shared folder. The User Account Status Changes report delivers actionable intelligence about which accounts were locked and who unlocked them, enabling IT admins to stay aware of all changes to user accounts and easily investigate any particular incident.